/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */
> So, since I'm unable to figure it out on my own, does anyone have
> a good firewall script they can send me for RedHat 5.2 using
> ipfwadm?
Take a look at http://www.wolfenet.com/~jhardin/ipfwadm.html
--
John Hardin KA7OHZ ICQ#15735746 [EMAIL PROTECTED]
pgpk -a finger://gonzo.wolfenet.com/jhardin PGP key ID: 0x41EA94F5
PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
I made a script called firewall using a modified script from the init.d
directory for starting and stopping the daemons.
Just place all your firewall rules in the start section of the case statement.
#!/bin/bash
# -------------------- Firewall script ----------------------
#
# Control firewalling using this script:
#
#   firewall start   - start firewalling with the rules below
#   firewall stop    - stop firewalling (& masquerading)
#   firewall restart - stop then start (after short delay)
#   firewall state   - report current running state
#   firewall rules   - report current firewall rules
# -----------------------------------------------------------------------
#
# General stuff:
PATH=/usr/bin:/sbin:/bin:/usr/sbin
export PATH

# start or stop the firewalling:
case "$1" in
    start)
        echo -n "Starting masquerade services..."
        # Load the masquerading helper modules
        depmod -a
        modprobe ip_masq_ftp
        modprobe ip_masq_cuseeme
        modprobe ip_masq_irc
        modprobe ip_masq_quake
        modprobe ip_masq_raudio
        modprobe ip_masq_vdolive
        echo "done"

        echo -n "Configuring for masquerade..."
        # Flush Input rules
        ipfwadm -I -f
        # Transparent Proxying
        # ipfwadm -I -a accept -P tcp -S 192.168.3.0/24 -D any/0 http -r 3128
        # Flush Output rules
        ipfwadm -O -f
        # Flush Forward rules
        ipfwadm -F -f
        # Deny forwarding by default, then masquerade the internal network only
        ipfwadm -F -p deny
        ipfwadm -F -a masquerade -S 192.168.3.0/24 -D 0.0.0.0/0
        echo "done"
        # Note: the state file is written relative to the current directory
        echo "Running" > ./firewall_state
        ;;

    stop)
        echo -n "Shutting down firewall & masquerade..."
        # Flush every chain and set its default policy to accept
        ipfwadm -I -f
        ipfwadm -I -p accept
        ipfwadm -O -f
        ipfwadm -O -p accept
        ipfwadm -F -f
        ipfwadm -F -p accept
        echo "done"
        echo "Stopped" > ./firewall_state
        ;;

    restart)
        "$0" stop
        sleep 2
        "$0" start
        ;;

    state)
        if [ -f ./firewall_state ]; then
            S=$(cat ./firewall_state)
        else
            S="in an unknown state"
        fi
        echo "Firewall is $S."
        ;;

    rules)
        # List input, output, forward, masquerading and accounting entries
        ipfwadm -I -l
        ipfwadm -O -l
        ipfwadm -F -l
        ipfwadm -M -l
        ipfwadm -A -l
        ;;

    *)
        echo "Usage: $0 {start|stop|restart|state|rules}"
        exit 1
        ;;
esac

exit 0
Darren Clissold
Datafast Telecommunications,
[EMAIL PROTECTED]